Thanks Will, I'm beginning to understand I think. If I were to subclass the org.apache.catalina.authenticator.FormAuthenticator class where would I declare that class? Would it be somewhere in the web.xml or somewhere in the server.xml or somewhere else?
--- Will Hartung <[EMAIL PROTECTED]> wrote: > > From: "David Reed" <[EMAIL PROTECTED]> > > Sent: Wednesday, March 05, 2003 2:10 PM > > Subject: Re: remember password HOW-TO? > > > > Thanks Will, So what are my alternatives to > container > > based authentication? > > Common wisdom today would be to use Filters, as > they're pretty much ideal > for this depending on how your app is set up (i.e. > if your app is fairly > straightforward). > > The real problem is that you can't mix and match. > You either have to use > Your Way entirely, or the Container Way. So, all of > your code relying on the > Servlet API for Roles and what not have to be > changed, which is invasive and > quite the drag. > > If you're willing to beat on Tomcat, then you can > probably more easily tweak > the > org.apache.catalina.authenticator.FormAuthenticator > class, or subclass > it which would be safer. Tweaking that to support a > "remember me" function > would be a lot less code for you to write than > implementing your own entire > system, plus you'll not have to change any of your > interior security > checking code. > > Of course, this isn't portable to another container. > > Someone else may have a pointer to a plug in > Servlet/Filter based security > system that's available on the web, I haven't looked > myself. > > Regards, > > Will Hartung > ([EMAIL PROTECTED]) > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > __________________________________________________ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
